Iranians Vulnerable to Phishing Attacks as Elections Approach
Tens of thousands of Iranians are vulnerable to phishing attacks as elections approach, according to Google. In the last three weeks, the company blocked several email-based phishing campaigns aimed at compromising the accounts of Iranian users. The attacks, which originate from within the country, represent a significant jump in the overall volume of phishing activity in the region.
“The timing and targeting of the campaigns suggest that the attacks are politically motivated in connection with the Iranian presidential election on Friday,” VP Security Engineering Eric Grosse said in a blog post. “Our Chrome browser previously helped detect what appears to be the same group using SSL certificates to conduct attacks that targeted users within Iran.”
In that case, the phishing technique was more traditional: users received an email containing a link to a fake Google sign-in page allegedly for account maintenance. If Iranians clicked the link, cyber-criminals stole their usernames and passwords.
“Especially if you are in Iran, we encourage you to take extra steps to protect your account,” the company warned. “Before typing your Google password, always verify that the URL in the address bar of your browser begins with https://accounts.google.com/. If the website’s address does not match this text, please don’t enter your Google password.”
Users should also maintain their antivirus solution updated to prevent hacking and phishing attacks.
Last month, Iranians were also targeted by a malware campaign infecting their devices with the Gamarue Trojan. The malicious file was spreading in several countries as an attachment in a fake FedEx e-mail. Gamarue stole users’ passwords and sensitive data and sent them to a command and control center.
The Iranian elections on Friday will decide a successor to President Mahmoud Ahmadinejad, who is not eligible for a third term. In 2009, his re-election made headlines with mass protests and violent crackdowns against the crowds.